package com.qfedu.dtboot.config;

import com.qfedu.dtboot.shiro.UserRealm;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author 水杯
 * @date 2020-08-20 22:04
 */
@Configuration
public class ShiroConfig
{
    /**
     * session管理器
     * @return
     */
    @Bean
    public SessionManager sessionManager()
    {

        DefaultWebSessionManager sessionManager=new DefaultWebSessionManager();
        //设置session的过期时间为1小时，单位是毫秒
        sessionManager.setGlobalSessionTimeout(60*60*1000);
        //扫描session线程，清理超时会话
        sessionManager.setSessionValidationSchedulerEnabled(true);
        //禁用Url重写
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        return sessionManager;
    }
//    @Bean SecurityManager securityManager
   @Bean
   public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager)
    {
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        securityManager.setSessionManager(sessionManager);

        //配置缓存cache
        //java config 依赖注入
        //缓存
        EhCacheManager cacheManager = new EhCacheManager();
        cacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");
        securityManager.setCacheManager(cacheManager);
        return securityManager;
    }

    /**
     * 过滤器
     * @param securityManager
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager)
    {
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        shiroFilter.setSecurityManager(securityManager);
        shiroFilter.setLoginUrl("/login.html");//登录页配置
        shiroFilter.setSuccessUrl("/index.html");//认证成功跳转到主页
        //shiroFilter.setUnauthorizedUrl("/");//未授权时的跳转连接
        shiroFilter.setUnauthorizedUrl("/unauthorized.json");//未授权时的跳转连接
        Map<String, String> filterMap = new LinkedHashMap<>();
        filterMap.put("/public/**","anon");
        filterMap.put("/login.html","anon");
        filterMap.put("/sys/login","anon");
        filterMap.put("/captcha.jpg","anon");
        //filterMap.put("/**","authc");//应过滤器下的页面必须验证后才能访问，他实际时SHIRO内部的一个拦截器

        //具有admin角色的用户可以访问/sys/menu/del 角色授权
//        filterMap.put("/sys/menu/del","roles[admin]");
//        //具有Perms[sys:menu:update] 资源权限的用户可以访问
//        filterMap.put("/sys/menu/update","perms[sys:menu:update]");
//        filterMap.put("/sys/menu/list","perms[sys:menu:list]");

        filterMap.put("/**","user");//通过记住我访问
        shiroFilter.setFilterChainDefinitionMap(filterMap);
        return shiroFilter;
    }

//    @Bean
//    EhCacheManager cacheManager()
//    {
//        EhCacheManager cacheManager=new EhCacheManager();
//        cacheManager.setCacheManagerConfigFile("classpath:ehcache.xml");
//        return cacheManager;
//    }
    /**
     * 保证实现了Shiro内部lifecycle函数的bean执行
     * @return
     */

    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor()
    {
        return new LifecycleBeanPostProcessor();
    }

    /**
     * 开启Shiro的注解,需借助SpringAOP扫描使用Shiro注解的类,并在必要时进行安全逻辑验证
     * 配置以下两个bean即可实现此功能
     * @return
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator()
    {
        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
        proxyCreator.setProxyTargetClass(true);
        return proxyCreator;
    }
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager)
    {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }









}
